New Simjacker Attack Exploited In the Wild To Track Users For At Least Two Years

Security researchers have disclosed today a major SMS-based attack method being abused in the real world by a surveillance vendor to track and monitor individuals. An anonymous reader shares a report: “We are quite confident that this exploit has been developed by a specific private company that works with governments to monitor individuals,” security researchers from AdaptiveMobile Security said in a report. “We believe this vulnerability has been exploited for at least the last 2 years by a highly sophisticated threat actor in multiple countries, primarily for the purposes of surveillance.”

The attack, named Simjacker, works by attackers sending SMS messages to victims’ phones. The SMS messages contain STK instructions that are run by a victim’s SIM card to gather location data and the IMEI code, which is then sent through an SMS message to a logging system. Researchers said they’ve seen Simjacker being abused to track hundreds of victims for two years, yet it is unclear if the victims are criminals tracked by law enforcement, or dissidents tracked by oppressive regimes. Over one billion smartphone users use SIM cards deemed vulnerable to this attack.